Difficulty: Moderately Challenging
Step1
Monitor the computer or network for out of the ordinary usage patterns. If there are spikes in computer network activity at strange or odd times then there may be denial of service or Ddos attack underway.
Step2
Create or use performance counters that can effectively monitor the unidentifiable packets of information that are on a network at any given moment. (See the resources section for more information.)
Step3
Check the security and vulnerability of the network on a regular basis. This requires a person to run a fake denial of service attack on his or her own network. There are network security firms that will run this "attack" for a fee, but make sure these firms are reputable.
Step4
Identify the sources of sustained network traffic. If a large amount of traffic is coming from a specific locale then a Ddos attack could be ongoing.
Step5
Understand when there are events that can cause a spike in traffic but are legitimate. Sometimes legitimate upticks in network activity can come from reputable sources such as new advertising campaign or a new product launch. A person needs to know the difference between this and a verifiable denial of service attack.
